That would require MTAs to detect MUA added Message-IDs and
remove them
or to share the secret with the MUAs so they can correctly
generate the
tokens.
That is not very hard to do. The problem is that it might screw
up the client if the client tries similar processing - although
this is a feature that really should be the MSA responsibility
if being an MSA means anything.
There are two basic questions for such IDs:
Who generated them and can that be shown?
No.
Was that ID generated for this specific message or some other (ie
possibly re-used)?
This is not really an issue, the only party that can decode
them is the one that created them. The only information being
obtained is that a message is a reply to a previous message.
There is of course a cut and paste attack problem (unless
we believe the claim that spam senders don't forge). This is
why the technique is of limited use if you don't have an
authentication mechanism as well, but even though limited the
attack is not very easy.
* The stolen token only works for a single end user!
* The sending MSA can put time limits on validity
It is in any case no more attackable than intrusive
challenge/response.
Phill
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg